Am 17.09.2014 um 00:18 schrieb Philip Prindeville: > MIMEDefang allows you to do all this, plus you can call Perl modules like > File::Type on attachments to figure out if the file has been mistyped (i.e. > the content-type disagrees with what the actual file header and/or file > extension says it is).
thanks - but the idea is not to add another layer there are already clamav and spamassassin as milter the intention is to avoid the additional layers in case of bad extensions current question is why a "test.exe" attached by Thunderbird works fine with Viktors rule with postmap but not in real operations while it was made sure the config file is used adn all reloaded > On Sep 16, 2014, at 12:04 PM, li...@rhsoft.net wrote: > >> (yes i know it's not 100% perfect in any case) >> >> but anybody using "mime_header_checks" by one of the similar howtos out >> there should review the configuration - without \" at the end of the >> regex this is prone to false positives >> >> two examples from real world (.scr and .com wrongly rejected) >> >> * name="strace.Scripting-with-the-xss.pdf.txt" >> * filename="BOOKING.COM: Hotel 342802.PDF" >> >> i think this was the one i followed >> http://www.cyberciti.biz/tips/postfix-block-mime-attachment-files.html >> _________________________________________________ >> >> cat /etc/postfix/mime_header_checks.cf >> # Reject Attachment-Extensions >> /name=[^>]*\.(386|acm|ade|adp|awx|ax|bas|bat|bin|cdf|chm|cnv|com|cpl|crt|csh|dll|dlo|drv|exe|hlp|hta|inf|ins|isp|jse|lnk|msc|msi|msp|mst|ocx|pcd|pif|pl|reg|scr|script|sct|sh|shb|shs|sys|so|tlb|vb|vbe|vbs|wiz|wll|wpc|wsc|wsf|wsh)\"/ >> REJECT 554 Attachment Blocked
